Resource Center

Egyptian Hacker ‘Virus_Hima’ Claims Discovery of Yahoo Bugs

An Egyptian hacker claims to have discovered a Yahoo vulnerability that allowed him to access a full-files backup for one of the company’s domains, according to one of the most loquacious Pastebin posts ever. "Virus_Hima" told the story of his life and released images to prove the breach, which is backed up by cross-site scripting and SQL injection vulnerabilities.

“I have found tens of 0days vulnerabilities in big web sites such as Adobe/Microsoft/Yahoo/Google/Apple/Facebook and many more,” "Virus_Hima" said. “Google was great in fast reply and patch release. Same goes with some others. But for Adobe and Yahoo they were so slow in reply and fix. You know what? Yahoo never reply for my message! [sic]”

The hacker allegedly decided to teach both a “hard lesson” that will make them harden their security measures. He also promised he will never publish or sell the Adobe records he hacked.

“I'm not looking to ruin anybody business,” "Virus_Hima” added. “I've stopped black hat activities long time ago and will never be a black hat again. Because long time ago I started working as a security researcher and penetration tester in legal manner with legal companies, so I'm not looking to ruin my career/reputation because of such activities.”

The hacker also mentioned he was not the cyber-criminal selling a cross-site scripting vulnerability on a hacker forum for $700, and he’s not planning to do any more hackings soon.